SecuriTricks - 2024-07-19

Title	Published	Tags	Description	Number of indicators
HotPage: Story of a signed, vulnerable, ad-injecting driver	July 19, 2024, 3:37 p.m.	2024-07-19 hotpage sys driver	This report investigates a sophisticated Chinese browser injector called HotPage, capable of injecting code into remote processes…	5
Warning Against the Distribution of Malware Disguised as Software Cracks	July 19, 2024, 5:17 a.m.	malware xmrig coinminer persistence installer 2024-07-19 update	This advisory cautions about the distribution of malware masquerading as crack programs for software. The malicious actors aim to…	1

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-6205	9.8	July 19, 2024, 6:15 a.m.	PayPlus Payment Gateway WordPress plugin	contact@wpscan.com CWE-89 2024-07-19 CVE-2024-6205
CVE-2024-6900	8.8	July 19, 2024, 7:15 a.m.	SourceCodester Record Management System	CWE-89 cna@vuldb.com 2024-07-19 CVE-2024-6900
CVE-2024-6901	8.8	July 19, 2024, 7:15 a.m.	SourceCodester Record Management System	CWE-89 cna@vuldb.com 2024-07-19 CVE-2024-6901
CVE-2024-6338	8.8	July 19, 2024, 8:15 a.m.	FV Flowplayer Video Player plugin for WordPress	security@wordfence.com CWE-89 2024-07-19 CVE-2024-6338
CVE-2024-6902	8.8	July 19, 2024, 8:15 a.m.	SourceCodester Record Management System	CWE-89 cna@vuldb.com 2024-07-19 CVE-2024-6902
CVE-2024-6903	8.8	July 19, 2024, 8:15 a.m.	SourceCodester Record Management System	CWE-89 cna@vuldb.com 2024-07-19 CVE-2024-6903
CVE-2024-41121	8.8	July 19, 2024, 8:15 p.m.	Woodpecker CI/CD engine	security-advisories@github.com CWE-74 2024-07-19 CVE-2024-41121
CVE-2024-39906	8.3	July 19, 2024, 8:15 p.m.	Haven blog web application	security-advisories@github.com CWE-74 2024-07-19 CVE-2024-39906
CVE-2024-21527	8.2	July 19, 2024, 5:15 a.m.	github.com/gotenberg/gotenberg/v8/pkg/gotenberg	CWE-918 report@snyk.io 2024-07-19 CVE-2024-21527
CVE-2024-32007	7.5	July 19, 2024, 9:15 a.m.	Apache CXF JOSE	CWE-20 security@apache.org NVD-CWE-noinfo 2024-07-19 CVE-2024-32007
CVE-2024-41122	7.5	July 19, 2024, 8:15 p.m.	Woodpecker CI/CD engine	security-advisories@github.com CWE-74 2024-07-19 CVE-2024-41122
CVE-2024-6898	7.3	July 19, 2024, 4:15 a.m.	SourceCodester Record Management System	CWE-89 cna@vuldb.com 2024-07-19 CVE-2024-6898
CVE-2024-37066	6.8	July 19, 2024, 12:15 p.m.	Wyze V4 Pro	CWE-78 6f8de1f0-f67e-45a6-b68f-98777fdb759c 2024-07-19 CVE-2024-37066
CVE-2024-6899	6.3	July 19, 2024, 5:15 a.m.	SourceCodester Record Management System	CWE-89 cna@vuldb.com 2024-07-19 CVE-2024-6899
CVE-2024-6904	6.3	July 19, 2024, 9:15 a.m.	SourceCodester Record Management System	CWE-89 cna@vuldb.com 2024-07-19 CVE-2024-6904
CVE-2024-6905	6.3	July 19, 2024, 9:15 a.m.	SourceCodester Record Management System	CWE-89 cna@vuldb.com 2024-07-19 CVE-2024-6905
CVE-2024-6906	6.3	July 19, 2024, 10:15 a.m.	SourceCodester Record Management System	CWE-89 cna@vuldb.com 2024-07-19 CVE-2024-6906
CVE-2024-41124	6.3	July 19, 2024, 8:15 p.m.	Puncia	security-advisories@github.com CWE-311 2024-07-19 CVE-2024-41124
CVE-2024-38156	6.1	July 19, 2024, 2:15 a.m.	Microsoft Edge (Chromium-based)	CWE-79 secure@microsoft.com 2024-07-19 CVE-2024-38156
CVE-2024-6916	5.9	July 19, 2024, 11:15 a.m.	Zowe CLI	zowe-security@lists.openmainframeproject.org 2024-07-19 CVE-2024-6916
CVE-2024-35198	5.7	July 19, 2024, 2:15 a.m.	TorchServe	security-advisories@github.com CWE-706 2024-07-19 CVE-2024-35198
CVE-2024-5977	5.4	July 19, 2024, 11:15 a.m.	GiveWP - Donation Plugin and Fundraising Platform	security@wordfence.com CWE-639 2024-07-19 CVE-2024-5977
CVE-2024-35199	4.7	July 19, 2024, 2:15 a.m.	TorchServe	security-advisories@github.com CWE-668 2024-07-19 CVE-2024-35199
CVE-2024-6799	4.3	July 19, 2024, 8:15 a.m.	YITH Essential Kit for WooCommerce #1 plugin for WordPress	security@wordfence.com CWE-862 2024-07-19 CVE-2024-6799
CVE-2024-21583	4.1	July 19, 2024, 5:15 a.m.	github.com/gitpod-io/gitpod/components/server/go/pkg/lib	CWE-15 report@snyk.io 2024-07-19 CVE-2024-21583
CVE-2024-30130	3.7	July 19, 2024, 2:15 a.m.	HCL Nomad server on Domino	psirt@hcl.com CWE-525 2024-07-19 CVE-2024-30130
CVE-2024-6907	3.5	July 19, 2024, 10:15 a.m.	SourceCodester Record Management System	CWE-79 cna@vuldb.com 2024-07-19 CVE-2024-6907
CVE-2023-7268	None	July 19, 2024, 6:15 a.m.	ArtPlacer Widget WordPress plugin	contact@wpscan.com 2024-07-19 CVE-2023-7268
CVE-2023-7269	None	July 19, 2024, 6:15 a.m.	ArtPlacer Widget WordPress plugin	contact@wpscan.com 2024-07-19 CVE-2023-7269
CVE-2024-5604	None	July 19, 2024, 6:15 a.m.	Bug Library WordPress plugin	contact@wpscan.com 2024-07-19 CVE-2024-5604
CVE-2024-40724	None	July 19, 2024, 8:15 a.m.	Assimp	vultures@jpcert.or.jp 2024-07-19 CVE-2024-40724
CVE-2024-29736	None	July 19, 2024, 9:15 a.m.	Apache CXF	security@apache.org CWE-918 2024-07-19 CVE-2024-29736
CVE-2024-39457	None	July 19, 2024, 9:15 a.m.	Cybozu Garoon	vultures@jpcert.or.jp 2024-07-19 CVE-2024-39457
CVE-2024-41172	None	July 19, 2024, 9:15 a.m.	Apache CXF	security@apache.org CWE-401 2024-07-19 CVE-2024-41172
CVE-2024-41107	None	July 19, 2024, 11:15 a.m.	CloudStack	security@apache.org CWE-290 2024-07-19 CVE-2024-41107
CVE-2024-0006	None	July 19, 2024, 3:15 p.m.	Yugabyte Platform	CWE-532 2024-07-19 CVE-2024-0006 security@yugabyte.com
CVE-2024-27489	None	July 19, 2024, 3:15 p.m.	WMCMS	cve@mitre.org 2024-07-19 CVE-2024-27489
CVE-2024-39962	None	July 19, 2024, 3:15 p.m.	D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router	cve@mitre.org 2024-07-19 CVE-2024-39962
CVE-2024-39963	None	July 19, 2024, 3:15 p.m.	Unknown	cve@mitre.org 2024-07-19 CVE-2024-39963
CVE-2024-6895	None	July 19, 2024, 3:15 p.m.	Yugabyte Platform	CWE-306 2024-07-19 security@yugabyte.com CVE-2024-6895
CVE-2024-6908	None	July 19, 2024, 3:15 p.m.	Yugabyte Platform	CWE-269 2024-07-19 security@yugabyte.com CVE-2024-6908
CVE-2024-24970	None	July 19, 2024, 5:15 p.m.	HP Display Control software component within the HP Application Enabling Software Driver	hp-security-alert@hp.com 2024-07-19 CVE-2024-24970
CVE-2024-29080	None	July 19, 2024, 5:15 p.m.	HP Application Enabling Software Driver	hp-security-alert@hp.com 2024-07-19 CVE-2024-29080
CVE-2024-41281	None	July 19, 2024, 5:15 p.m.	Linksys WRT54G	cve@mitre.org 2024-07-19 CVE-2024-41281
CVE-2024-41492	None	July 19, 2024, 5:15 p.m.	Tenda AX1806	cve@mitre.org 2024-07-19 CVE-2024-41492
CVE-2024-41601	None	July 19, 2024, 5:15 p.m.	lin-CMS	cve@mitre.org 2024-07-19 CVE-2024-41601
CVE-2024-41602	None	July 19, 2024, 5:15 p.m.	Spina CMS	cve@mitre.org 2024-07-19 CVE-2024-41602
CVE-2024-41603	None	July 19, 2024, 5:15 p.m.	Spina CMS	cve@mitre.org 2024-07-19 CVE-2024-41603
CVE-2024-41600	None	July 19, 2024, 6:15 p.m.	lin-CMS Springboot	cve@mitre.org 2024-07-19 CVE-2024-41600
CVE-2024-40400	None	July 19, 2024, 7:15 p.m.	Automad	cve@mitre.org 2024-07-19 CVE-2024-40400
CVE-2024-39123	None	July 19, 2024, 8:15 p.m.	janeczku Calibre-Web	cve@mitre.org 2024-07-19 CVE-2024-39123
CVE-2024-41597	None	July 19, 2024, 8:15 p.m.	ProcessWire	cve@mitre.org 2024-07-19 CVE-2024-41597
CVE-2024-41599	None	July 19, 2024, 8:15 p.m.	RuoYi	cve@mitre.org 2024-07-19 CVE-2024-41599

» Click here to see all Vulnerabilities «

Tag : 2024-07-19

Attack Reports

Vulnerabilities